- Ongoing Projects
• Open-Source Security: Studying how vulnerabilities can be introduced in open source programs by
seemingly valid patches.
https://raw.githubusercontent.com/Qiush ... QSW_CV.pdf
agree with all that but you can perceive a hint of preexisting expectations here:not people are approved or disapproved --- latter at least until they've proven themselves untrustworthy as here --- but code is
I read just enough of the PDF to see where this was going...lol...Nice Try, but he got caught...lol...DAMIENOngoing Projects
• Open-Source Security: Studying how vulnerabilities can be introduced in open source programs by
seemingly valid patches.
https://raw.githubusercontent.com/Qiush ... QSW_CV.pdf
To be perfectly frank I am not so sure they did in fact "kept trying to lie about it". That earlier episode was eventually even published as a paper, and this time the submitter claimed the bad or useless patches to have been the result of a static code analyser, i.e., of a by said submitter written piece of software that programmatically detected, in the case I actually looked at, i.e., https://lore.kernel.org/linux-nfs/YH5%2 ... kroah.com/, a possible double-free bug.
Torvalds was reacting to the act by a group at the University of Minnesota who sent known buggy patches to senior developer Greg Kroah-Hartman in order to write a paper.
Kroah-Hartman, normally a man who is the epitome of politeness, lost his cool when these patches were sent as it needlessly created additional work for him. He maintains the stable line of kernels.
"I don't really know what to say, I think the email thread is likely the most relevant information," Torvalds told iTWire in response to a query.
"I don't think it has been a huge deal _technically_, but people are pissed off, and it's obviously a breach of trust."
Sadly, one of the research paper's authors is a professor.Barbados99 wrote: It seems like the people with oversight approval (the professors who are charged with guiding these people) must be pretty irresponsible to say the least. They certainly are not qualified to advise students.
I don't mean to keep up on it, but I have colleagues still giving me a hard time about it (in good-natured fun), so I have their blips on my radar. And I'm not even an alumnus of the University, so my sensitivity is admittedly an overreaction. And I think they know that, therefore I'm arguably enabling their continued prodding.rene wrote: Thanks for keeping tabs; issue had already fallen from my radar again.
I've once again backspaced over a long-winded passionate response, but I'm in agreement for banning the University at this time. Something went wrong somewhere, and this needs to be properly addressed before any future considerations can begin to be discussed by the kernel development team. The University has said they're taking this extremely seriously, and they well should.rene wrote: gregkh certainly is pissed